Open
Cached
·
just now
75/100
SECURITY SCORE
Certificate Information
Subject
C=CN, ST=浙江省, L=杭州市, O=Alibaba Cloud Computing Ltd., CN=ru.aliexpress.com
Issuer
C=US, O=DigiCert Inc, CN=DigiCert TLS Hybrid ECC SHA384 2020 CA1
Valid From
March 20, 2025
Valid Until
March 20, 2026
119 days
Public Key
ECDSA
256 bit
(P-256)
Adequate
Signature Algorithm
ECDSA-SHA384
SHA-256 Fingerprint
8C:68:21:B5:32:52:BC:0B:D0:F9:36:62:13:A8:E1:F9:9D:1A:F9:D2:05:AC:F4:77:4A:47:2B:E2:47:FF:A0:1D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.0
TLS 1.1
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
Warnings
- • TLS 1.1 is deprecated and should be disabled
- • TLS 1.0 is deprecated and should be disabled
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
96 domains
ae01.alicdn.com
aeis.alicdn.com
aelive-ru.alicdn.com
aeliveqa-center.alicdn.com
aeproductsourcesite.alicdn.com
aeu.alicdn.com
assets.alicdn.com
b.alicdn.com
g.alicdn.com
i.alicdn.com
img.alicdn.com
is.alicdn.com
lazada.alicdn.com
u.alicdn.com
style.alibaba.com
detect-de-ak.aliexpress-media.com
a.aliexpress.com
acs.aliexpress.com
activities.aliexpress.com
ajax.aliexpress.com
api.dos.aliexpress.com
api.m.aliexpress.com
ar.aliexpress.com
best.aliexpress.com
brands.aliexpress.com
campaign.aliexpress.com
cdp.aliexpress.com
cn.m.aliexpress.com
connectkeyword.aliexpress.com
ddu.pt.aliexpress.com
de.aliexpress.com
desc.aliexpress.com
es.aliexpress.com
feedback.aliexpress.com
fr.aliexpress.com
group.aliexpress.com
gtreu.aliexpress.com
gtrhz.aliexpress.com
gtrru.aliexpress.com
gtrus.aliexpress.com
h5.aliexpress.com
he.aliexpress.com
hotproducts.aliexpress.com
id.aliexpress.com
ilce.aliexpress.com
it.aliexpress.com
ja.aliexpress.com
ko.aliexpress.com
lighthouse.aliexpress.com
login.aliexpress.com
m.aliexpress.com
m.ar.aliexpress.com
m.de.aliexpress.com
m.es.aliexpress.com
m.fr.aliexpress.com
m.he.aliexpress.com
m.id.aliexpress.com
m.it.aliexpress.com
m.ja.aliexpress.com
m.ko.aliexpress.com
m.nl.aliexpress.com
m.pl.aliexpress.com
m.pt.aliexpress.com
m.ru.aliexpress.com
m.th.aliexpress.com
m.tr.aliexpress.com
m.vi.aliexpress.com
macc.aliexpress.com
mbest.aliexpress.com
message.aliexpress.com
msu.aliexpress.com
my.aliexpress.com
nl.aliexpress.com
passport.aliexpress.com
pl.aliexpress.com
promotion.aliexpress.com
pt.aliexpress.com
ru.aliexpress.com
s.click.aliexpress.com
sale.aliexpress.com
selection.aliexpress.com
shoppingcart.aliexpress.com
shoppingcart1.aliexpress.com
ssr.aliexpress.com
style.aliexpress.com
th.aliexpress.com
tr.aliexpress.com
us-click.aliexpress.com
us.ae.aliexpress.com
us.cobra.aliexpress.com
vi.aliexpress.com
www.aliexpress.com
acs.aliexpress.us
login.aliexpress.us
m.aliexpress.us
www.aliexpress.us
Other domains in certificate